Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
697
Views
0
Helpful
1
Replies

Pix 525 - AS400 TN5250 Sign On Screen disconnect and session problems

rony.braeckman
Level 1
Level 1

‎02-17-2003 12:05 PM - edited ‎02-20-2020 10:33 PM

I did install last week a PIX 525 in our company. We use AS400 TN 5250 as our main cpu system. Now we have a problem with our AS400 users which have the Sign On screen disconnected after about 1 hour of no activity and the problem that at the AS400 site the session is locked and at the PC site the session did disconnect. When we try to sign in in the Sign On screen of our AS400 we are running out of ports and the connection is no more established.

Does the PIX close sessions after a period of no data transfer?

Our emulator Client Express needs ports 23, 449, 8470, 8475 and 8476 and there is a polling dialog every 2 min.

The AS400 users on the inside interface doesn't have the problem.

What can be the reason ? Best Regards

0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎02-17-2003 02:59 PM

The PIX will definately close down a TCP connection after 1 hour of inactivity by default. You can change this behaviour with the following command:

> timeout conn 03:00:00

This will set the connection timeout to 3 hours. See http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/tz.htm#1026093

Note that the xlate timeout *should* be higher than the conn timeout, so if you increase the conn timeout, you might need to change the xlate timeout also (this defaults to 3 hours).

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card